Comments

You must log in or register to comment.

Raico wrote

Wht's so bad privacy-wise about Zoom? I have never used it, so I have no idea what its like.

6

celebratedrecluse moderator wrote

All data on its network is monitored in real time by the United States Department of Homeland Security, through compliance with a program called FedRAMP. They actually advertise this functionality, because it allows them to contract with government agencies in the United States, which is very lucrative. You can look this up on wikipedia or their website. They have specific encryption backdoors built into the software to allow the monitoring with all encryption dynamically removed.

Additionally, the host of individual calls can see everything on the other participants' computer without their knowledge, active windows, etc. This is because the system is designed for corporate workflow, not anarchist organizing lol

If you observe someone you organize with saying "it's encrypted, don't worry" who is also hosting the calls...they might not have your best interest in mind, just saying.

5

Raico wrote

Thank you very much! I'll definitely search some more information about all this because it definitely sounds really creepy.

3

GermyCovid444 wrote

There are also links to the Communist Chinese regime, you could have a zoom meeting in America and be monitored by both US and Chinese overseers.

2

avbeav wrote

Zoom also used to allow any website to record you through your webcam because of their clever trick with installing a local web server to skip around the browser dialog for audio / video permissions.

That local server was also open for remote code execution and kept running after uninstalling Zoom. Yummy.

If you absolutely must use Zoom then under no circumstances install the client. Zoom works from the browser although they employ a dark pattern to trick you into installing their client. There's a browser extension to work around that though.

4

Raico wrote

Who would had said Google would seem non-intrusive in comparision.

Thanks for taking the time to explain this, really appreciate it :)

5

An_Old_Big_Tree wrote (edited )

Hi! Are you Raico aka raicopk?

If so, it's lovely to have you here. There've been a couple nice redditors showing their faces recently.

4

Raico wrote

Yeah, that's me. I made this account long ago but I completely forgot about it to be honest. Anyways, thank you very much <3

3

kano wrote

https://jitsi.org/ I guess you could also use whatsapp or signal, they both have 2 way video calls anyway.

5

celebratedrecluse moderator wrote (edited )

whatsapp is proprietary, privacy nightmare for organizers definitely

signal isn't capable of group calls

mumble only does audio.

jitsi is the only one that has everything, is open source, encrypted, no known backdoors. unless there's one I don't know about

Edit: Jami/Ring!!!

5

stoned_chief wrote

Jitsi has end-to-end encryption? I never used it cause I thought they didn't.

3

celebratedrecluse wrote

No, it is Encrypted from network to server, server must decrypt in order for the webRTC group call functionality to work.

This is why you host your own server, for example

1

lautreamont wrote (edited )

I can't wrap around my head why privacy-minded ppl are still talking about the spooky Signal, while I never hear anything about Briar, which is GPL 3, end2end encryption, and also not fucking depending on your cell phone number... as it allows for either data, wifi and bluetooth connections.

1

avbeav wrote

Had a skeg at Briar. It appears to only work for smartphones, specifically those running Android. As limited as it is, at least Signal has Signal Desktop going for it.

2

stoned_chief wrote

Signal is super easy to use and available on all platforms. Briar is still experimental and only for Android. It has potential, but it can't yet replace other messengers. Once versions come out for Linux and hopefully iOS and it's eventually audited, Briar could replace something like Signal.

1

kano wrote

I'm unaware so please any links/ explanations about the spookiness of signal would be helpful thanks. Been making extensive use of that as it seemed to me that they have a solid end to end encryption and definitely compared to whatsapp, a way less intrusive metadata collection.

1

lautreamont wrote

It has background processes interacting with other communication apps like SMS and your unencrypted list of contacts.

Also it is based on cell phones numbers, afaik.

1

lautreamont wrote

It has background processes interacting with other communication apps like SMS and your unencrypted list of contacts.

Also it is based on cell phones numbers, afaik.

1

An_Old_Big_Tree wrote

Some German anarchists I know are using https://www.mumble.info because of concerns with zoom, so I assume it covers the basics, but I haven't looked into it myself.

4

nbdy wrote

Someone on mastodon said this.

Jitsi is getting a lot of mentions here.

I wonder if people are aware of GNU Jami, a P2P > solution. https://jami.net/

Jami has end-to-end encryption while Jitsi is only encrypted during transit. The Jitsi server has your packets available in unencrypted form. If you can't trust a Jitsi server and need end-to-end encryption, Jami can be a good alternative.”

4

celebratedrecluse moderator wrote

Jami, that's right! I would look into this one. Might be the best option because of its decentralized nature.

3

stoned_chief wrote

Matrix, Jami, and Wire are all great alternatives. They have their problems so just be sure to educate yourself and know which is best for you.

2

Syrinx wrote

I use Jitsi. It is all in browser, so there are fewer compatibility issues. Getting zoom running on obscure distros is a pain, so this alone makes it worth the switch.

2

TheLegendaryBirdMonster wrote

riot.im has video chat but may be a little laggy

1

celebratedrecluse moderator wrote (edited )

riot group calls are unencrypted unfortunately. better than zoom, but the calls are hosted by default from the UK, which is probably the worst country on earth for privacy and data protection. especially since the GDPR now doesn't apply iirc

Matrix ecosystem is great, but use your own homeserver.

3

kore wrote

i've used riot.im, it works okay but it seems like the matrix.org homeserver has been incredibly laggy in past days. If you consider it, i'd maybe look at a different homeserver

1

celebratedrecluse moderator wrote

Definitely. matrix ecosystem is cool, but I wouldn't use the matrix.org server. Not only did they have a huge privacy leak/hack in the last year, they are also hosted in the UK, which is one of the worst countries possible for data privacy/government surveillance. Even worse than USA tbf

2

kore wrote

yeah I'm actually looking into self hosting cause I mainly just use it for friends but I may want to join large public rooms soon idk

2

celebratedrecluse wrote

I believe the large rooms allow different homeservers to connect.its a setting u have to manually enable to prohibit that.

You could also have two accounts,1for matrix.org and one for your own server.

1